CVE-2023-47091

An issue was discovered in Stormshield Network Security (SNS) SNS 4.3.13 through 4.3.22 before 4.3.23, SNS 4.6.0 through 4.6.9 before 4.6.10, and SNS 4.7.0 through 4.7.1 before 4.7.2. An attacker can overflow the cookie threshold, making an IPsec connection impossible.

Published: Dec 25, 2023
Updated: Jan 5, 2024
CVE: CVE-2023-47091
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-120

Affected Software
References

Software	From	Fixed in
stormshield / stormshield_network_security	4.7.0	4.7.2
stormshield / stormshield_network_security	4.6.0	4.6.10
stormshield / stormshield_network_security	4.3.13	4.3.23

https://advisories.stormshield.eu
https://advisories.stormshield.eu/2023-024/

Vulnerability Database

289,697

CVE-2023-47091